INFORMATION SECURITY

ITS

SSH scans

May 31, 2007

There has been a significant uptake in ssh scanning of hosts in the Case networks. A number of ssh brute-force attacks have also occurred in various campus areas over the past few months.

Users with unix/linux/MacOS systems are advised to assure that host firewalls or TCP wrappers permit ssh sessions only from known hosts, and that local accounts have strong passwords/credentials in order to resist this type of attack.